Worried About Cybersecurity? Let Buglab Rescue You!

“The 6th largest crypto exchange Bithumb was hacked and $30 million was stolen by the hackers”. Sounds familiar? Most probably, because this just happened a few weeks ago. Companies, both large and small are at risk of being hacked. Even if as an individual, you do not own a company, you definitely do use services and products offered by these companies that are at risk, so this concerns everyone. This is because the demand for cybersecurity professionals immensely exceeds supply as hackers are advancing minute by minute. The Global Information Security Workforce Study 2017 report from Frost & Sullivan and the International Information Systems Security Certifications Consortium Inc. states that unfilled jobs in Cybersecurity will be over 1.8 million by 2022. This should worry you as every company will be at risk as personal data, even customer data will definitely be vulnerable as by 2025, it is estimated that there will be 50 billion devices online. The security issue is not even farfetched because just two years ago, there was an email leak during the U.S. presidential elections that portrayed the Democratic party in a negative light. This shows that hacking is a problem, not only for existing software companies but also for blockchain companies. This is a problem, but Buglab has a solution!

Buglab?

According to the Founder and CEO, Reda Cherqaoui, Buglab is “An affordable penetration testing for small and medium businesses”. “We are proud to say cybersecurity. What we are doing is that we are connecting a community of cybersecurity researchers which are certified and hand selected with customers who have needs in cybersecurity”, he added during an exclusive interview with Decentral Magazine.

In essence, Buglab aims to helps companies in different fields such as IT, financial services, or retail to identify and mitigate cybersecurity gaps in their systems. The platform is meant to detect vulnerabilities on these companies websites, smart contracts, IoT devices and mobile applications by performing penetration tests.

How do they do this?

Whoever said cybersecurity penetration is not fun, definitely has not heard of Buglab’s penetration testing contests:

“Typically we are turning penetration testing into contests. We are creating a competition whereby the cybersecurity researchers challenge each other in order to be the first three with the highest score in vulnerabilities reported. Those top 3 researchers get awarded 70% of the contest prize. The first one will get 40%, second will get 20%, third gets 10%. The platform also enables clients to give some customer rewards to those researchers that did not win the contest who may have found critical vulnerabilities that were not found by the top three.” Reda Cherqaoui at the Blockchain Economic Forum in an exclusive interview with Decentral Magazine.

The Buglab penetration contest enables all companies to use the platform work with a community of certified cybersecurity penetration testers who get incentivized for it. This is done in a form of a race so the clients are sure to receive fast and credible results. The testers can be independent or a group of less than five from a validated company.

As a Company, how do I go about this?

No matter how big or small, all companies are welcome to use the Buglab platform. The following steps show how easy it is to get your company pentested by cybersecurity professionals:

Sign up on the platform and provide information about the company; goods and services it provides then subscribe to competition contract choosing personalized rules the company would like to set. It is possible to customize competition confidentiality, type of management wanted, contest cost depending on the chosen plan and an option bonus.

Based on the set confidentiality, the client chooses from a list of pentesters in the community and the Buglab recommendation engine helps to assign a proper match.

Chosen pentesters test the company’s system and submit a report. The scoring system encourages pentesters to be the first to submit vulnerabilities as the maximum amount discovered gets the highest score.

What are the core features behind Buglab?

Public Contests: After the company provides required information and launches contest, the community receives an invitation to participate.

Private Contests: Clients can choose pentesters from the community or a team from a validated cybersecurity company to solve their problem.

Triage System: Reported vulnerabilities go through a sorting system on the platform to identify duplicates before reaching the client. This reduces redundancy and gives the client relevant information only.

Reports: The clients receive reports on the security contest with summarized performance. This will help the client compare security status and assets progress.

Client-Managed: Clients can choose their own contest management from Basic, Pro or Enterprise.

Mediation: In the case of a client managing the contest themselves, they may ask for mediation from Buglab. This happens if a pentester feels that the score or evaluation was unfair so Buglab will mediate the situation.

Leader-board: This shows a ranking of pentesters according to their scores and experience. This makes it easier for clients to pick star pentesters.

Chat: Every report gives a chance for clients to chat with pentesters to get help fixing the vulnerabilities.

Fix Companion: A company that chooses Enterprise level has the opportunity to let Buglab verify whether the fix has been implemented.

The Buglab pentester contest is just one offering from the company. There is another offering, specifically for “Whitehats” under the Vigilante Protocol.

Vigilante protocol?

The Vigilante protocol is an integrated hacking prevention program. Under this, whitehat researchers report vulnerabilities about companies that are not on the Buglab platform. Companies are then invited to reward the whitehats for the discovered vulnerabilities. Essentially, companies get to know their flaws at a minimum cost. The way in which this works as explained by Reda Cherqaoui is that:

“It allows whitehat hackers globally to report vulnerabilities to Buglab. These vulnerabilities are of companies that are not on our platform and in partnership with Cert and CSirt they contact those companies to help them fix their vulnerabilities.”

Buglab also recently announced that they plan to secure cryptocurrency exchanges by hosting contests with a reward pool on $2 million.

Why partner with Cert and CSirt in the first place?

When a white hat reports a vulnerability to us; if we check if this vulnerability exists or not, we need to test it by exploiting it and if we do that it’s illegal. So if they do that, it’s legal and that’s why they are in partnership. So when the cert and CSirt confirm that the vulnerability exists, the whitehat hacker receives some tokens from the vigilante protocol reserve in which the company puts funds.

The company helped can choose to reward the hacker or host a contest on the Buglab platform. Since the whitehat is the one that brought the company on board, they receive 2% of the service fee. The whitehat will be allowed to participate even without a pentester status.

Why focus on whitehats?

Normally, people are not allowed to do this as they have no authorization from the company to perform those tests and find vulnerabilities. When they do it, they protect their identity in many ways like having journalists be the intermediary between themselves and the vulnerable company as they cannot contact the companies directly. There are currently cases of people who have critical vulnerabilities data on really big companies but they cannot communicate with nor contact the companies to help them because they are afraid. Whitehats normally do not get money from reporting these vulnerabilities so they decide to just keep them and do nothing about it. However, if a blackhat discovers a vulnerability, they will just steal the data and sell it on the black market, deface the website or do something bad for the company. There is a gap here and there is something to do for whitehats.

Currently, available penetration testing services are not viable for small and medium companies. Penetration tests performed by cybersecurity consulting firms require clients to pay in regards to total billable hours. Moreover, only one or two pentesters do the job. This means that regardless of the results the company will pay close to $100 per hour with only limited pentesters on the job. The end result is often a report in a PDF format and doesn’t facilitate the fixing of the vulnerability or getting more details about the vulnerability from the pentesters. Secondly, bug bounty challenges require clients to pay according to each vulnerability found. Vulnerabilities discovered are sometimes not in the budget of the company in regards to resources. From these tests, the client might get irrelevant results as flaws are researched without deep research. At the end of the day, a client will just receive flaws without any value for their company.

Another reason raised by Reda Cherqaoui in regards to bounties is that:

“Big businesses can afford to do this because they know their level of security. So, they can afford running a bounty because they know people will not find 1001 vulnerabilities. Small and Medium businesses don’t normally perform penetration tests; so imagine if you end up receiving 101 vulnerabilities, each worth about $100. That’s more expensive.”

What is the revenue model?

In Buglab, 70% of the contest fee goes towards the top three pentesters, while 19% goes to the company itself. 1% is for Buglab transaction reserve that is used to pay transaction on the blockchain and 10% is for the vigilante protocol reserve so as to pay whitehats.

What about the ICO?

Any final words for the Buglab community?

Reda Cherqaoui has very short but powerful words for the Buglab community:

Something good is coming. Check the website and be updated

If you still have not joined the Buglab community, what are you really waiting for? The future is exciting, but it also seems scary because we don’t know who’s next in regards to being hacked. In order to avoid being the next future statistic, do the right thing and protect yourself using Buglab.

I appreciate you spending some time and energy to put this short article together. I once again find myself personally spending way too much time both reading and posting comments. But so what, it was still worthwhile!

Hey I am so thrilled I found your web site, I really found you by mistake, while I was researching on Yahoo for something else, Nonetheless I am here now and would just like to say thanks a lot for a fantastic post and a all round interesting blog (I also love the theme/design), I don’t have time to read it all at the minute but I have saved it and also added in your RSS feeds, so when I have time I will be back to read a great deal more, Please do keep up the excellent job.

I think this is one of the most vital info for me. And i am glad reading your article. But wanna remark on some general things, The website style is wonderful, the articles is really excellent : D. Good job, cheers

We’re a gaggle of volunteers and starting a new scheme in our community. Your web site offered us with helpful info to work on. You have done a formidable job and our entire neighborhood will be thankful to you.

Hi there! Someone in my Facebook group shared this site with us so I came to look it over. I’m definitely enjoying the information. I’m bookmarking and will be tweeting this to my followers! Superb blog and brilliant design and style.

I have been exploring for a bit for any high-quality articles or weblog posts on this sort of space .

Exploring in Yahoo I finally stumbled upon this web site. Studying this information So i am glad to exhibit that I’ve an incredibly excellent uncanny feeling I came upon exactly what I needed. I so much definitely will make certain to don’t overlook this site and provides it a look on a relentless basis.

Thanks for some other informative web site. Where else could I am getting that kind of information written in such a perfect way? I have a challenge that I’m simply now working on, and I’ve been at the look out for such information.

This design is incredible! You most certainly know how to keep a reader entertained. Between your wit and your videos, I was almost moved to start my own blog (well, almost…HaHa!) Great job. I really loved what you had to say, and more than that, how you presented it. Too cool!

I really wanted to compose a quick note to thank you for all the superb advice you are showing on this site. My time-consuming internet research has finally been paid with incredibly good knowledge to go over with my family members. I ‘d suppose that most of us readers are definitely lucky to be in a fabulous community with very many awesome individuals with helpful strategies. I feel extremely happy to have encountered your weblog and look forward to so many more amazing moments reading here. Thanks once more for everything.

Thank you for every other informative site. The place else could I get that kind of info written in such a perfect approach? I have a project that I’m just now working on, and I’ve been at the look out for such info.

Many thanks for being our coach on this topic. My spouse and I enjoyed your current article greatly and most of all preferred how you handled the areas I have widely known as controversial. You’re always quite kind to readers really like me and let me in my everyday living. Thank you.

It’s simple, yet effective. A lot of times it’s challenging to get that “perfect balance” between superb usability and visual appeal. I must say you’ve done a awesome job with this. In addition, the blog loads extremely quick for me on Firefox. Outstanding Blog!

Woah! I’m really loving the template/theme of this website. It’s simple, yet effective. A lot of times it’s challenging to get that “perfect balance” between superb usability and visual appeal. I must say you’ve done a awesome job with this. In addition, the blog loads extremely quick for me on Firefox. Outstanding Blog!

Wow that was unusual. I just wrote an extremely long comment but after I clicked submit my comment didn’t show up. Grrrr… well I’m not writing all that over again. Anyway, just wanted to say great blog!

you are really a excellent webmaster. The site loading pace is incredible. It kind of feels that you are doing any unique trick. Moreover, The contents are masterpiece. you’ve done a magnificent activity on this subject!

Wonderful goods from you, man. I have keep in mind your stuff previous to and you’re just too wonderful. I actually like what you’ve got here, certainly like what you’re stating and the best way wherein you say it. You’re making it entertaining and you continue to take care of to keep it smart. I cant wait to read much more from you. This is actually a tremendous website.

Thank you a lot for sharing this with all people you actually recognize what you’re speaking about! Bookmarked. Kindly additionally discuss with my web site =). We can have a hyperlink alternate agreement between us

Thank you a lot for giving everyone a very wonderful opportunity to read critical reviews from this blog. It’s always very kind and jam-packed with amusement for me and my office co-workers to search the blog at minimum thrice weekly to see the new secrets you will have. And definitely, I’m also actually impressed with the exceptional strategies you serve. Selected two areas on this page are surely the most efficient I’ve had.

Howdy! I could have sworn I’ve been to this site before but after reading through some of the post I realized it’s new to me. Anyways, I’m definitely happy I found it and I’ll be bookmarking and checking back often!

Appreciating the time and effort you put into your blog and in depth information you present. It’s good to come across a blog every once in a while that isn’t the same old rehashed information. Great read! I’ve saved your site and I’m including your RSS feeds to my Google account.

Greetings from Los angeles! I’m bored to death at work so I decided to check out your site on my iphone during lunch break. I enjoy the info you present here and can’t wait to take a look when I get home. I’m surprised at how quick your blog loaded on my mobile .. I’m not even using WIFI, just 3G .. Anyways, awesome site!

Hey! I know this is kinda off topic but I’d figured I’d ask. Would you be interested in trading links or maybe guest writing a blog post or vice-versa? My website addresses a lot of the same topics as yours and I think we could greatly benefit from each other. If you’re interested feel free to send me an e-mail. I look forward to hearing from you! Fantastic blog by the way!

You could definitely see your enthusiasm within the work you write. The world hopes for even more passionate writers such as you who are not afraid to say how they believe. At all times follow your heart.

Check Also

Follow Us

About

Decentral magazine is an online media, that treats daily news about cryptocurrency and ICO analysis. The DC team is composed of professional and enthusiastic crypto holders from around the globe. Our mission is to provide you with exclusive content in various languages.